License-based Protection

Share:

Rockwell Software®Studio 5000 Logix Designer® application integrates CodeMeter technology to protect intellectual property throughout all stages of a product lifecycle, from the creation and modification of the source code to the compiled programs running on the controller. The chain of access to IP in all these phases involves several actors: developers, system integrators, machine operators, maintenance and technical support personnel, contractors, and end users. Cyber-attacks might therefore come from inside a company, intent on stealing IP, or from outside, trying to manipulate the systems.

License-based Protection creates software licenses that contain the cryptographic keys used to encrypt and decrypt source code and executable programs running on programmable controllers. Additionally, access to protected content is based on the least privilege security principle: users get only the required permissions to do their job.

The licenses are stored in CodeMeter’s tamper-proof hardware elements that embed a smart card security chip on which the sensitive keys are stored. These secure devices are available in different form factors:

CmStick/M with HID or MSD interface and 8 GB flash memory

CmStick/C with HID or MSD interface and without flash memory

CmCard/SD with 4 GB flash memory

License-based Protection consists of the following components:

Source Protection – Protecting Sensitive CodeCodeMeter-powered Rockwell Software Studio 5000 design and configuration environment from Rockwell Automation encrypts sensitive source code. Developers can decide in the Studio 5000 environment which parts of the source code need to be protected with which licenses and therefore which users provided with an authorized CodeMeter hardware secure element can view or modify protected contents. Routines, Ladder, Structured Text, and Add-On Instructions (AOIs) in all languages are supported.

Execution Protection – Protecting Runtime in ControllersApplication code programs for the Allen-Bradley® ControlLogix 5580, CompactLogix 5380, and CompactLogix 5480 programmable controllers from Rockwell Automation are set to run only when a CodeMeter-powered secured SD card (CmCard/SD) with a license obtained from the Web Portal is present in the controller. The copy protection prevents the unauthorized shifting of programs in between controllers.

Web Portal – License and Entitlement ManagementSource and Execution Protection licenses are easily created, assigned, distributed, and managed via the CodeMeter-powered Web Portal. The administrator can grant developers immediate access to the source code of programs associated with a specific production line by entitling the user to a set number of license-based resources for the limited time necessary to carry out the operation. Licenses and entitlement rights can be saved on different types of secure devices: CmStick/M, CmStick/C, and CmCard.

The flexibility of the Web Portal also allows for managing licenses for specific machines, routines, and AOIs and using the Recipient Type functionality to pre-define user profiles.

In essence, License-based Protection offers Original Equipment Manufacturers (OEMs) the technology to manage the IP rights of developers, startup and maintenance engineers, and end users in the most granular and versatile way through:

State-of-the-art cryptography and secure hardware elements that provide strong encryption and secure key storage for source code and programs running on the controllers.